Secret Server enhances usability with automated and simplified secrets management - The EE

Secret Server enhances usability with automated and simplified secrets management

Redwood City, CA. and Washington, D.C., USA. 12 January 2022 – ThycoticCentrify, a provider of cloud identity security solutions formed by the merger of privileged access management (PAM) firms Thycotic and Centrify, announced new and expanded capabilities for PAM solution, Secret Server.

With the addition of new security controls, automation, and design updates, Secret Server builds on its secrets management capabilities and ease-of-use to offer greater protection and higher productivity.

According to the Verizon 2021 Data Breach Investigations Report, credentials are the primary means by which threat actors hack into an organisation, with 61% of breaches attributed to compromised credentials. To reduce this threat, all organisations independent of size, location, or industry need robust, easy-to-use solutions in place to protect the accounts and credentials that allow access to these privileges.

Stronger security controls reduce risk 

The latest Secret Server release allows organisations to rotate Secret Server’s master encryption key on demand. Rotating individual secrets housed within the digital vault provides an additional layer of protection to block external actors from gaining access to it. 

Secret Server also streamlines the connection process for organisations that use jump boxes to protect access to critical resources. Rather than taking time to inject unique credentials at every connection point, users can now use a single key to navigate an entire route from launch, to jump box, to destination within a single session. Users can launch the end-to-end route via Secret Server or the interface of the Connection Manager session management tool. 

“Our continued focus on decreasing the steps required to safeguard secrets reduces the workload on security administrators and the attack surface area,” says, Jon Kuhn, SVP of product management at ThycoticCentrify. “As an example, our master encryption key rotation capability is simple to implement and provides an additional layer of protection to block external actors from gaining access to all the other keys stored on the platform.”

Checkout enhancements remove bottlenecks 

To enhance auditing and compliance, Secret Server ensures that only one privileged user at a time can use a secret. When secrets aren’t checked back into Secret Server after use, critical maintenance operations can’t be performed and productivity slows. The latest release automatically checks in secrets for API connections after expiration. 

Additionally, users now have more visibility into remaining time on a secret checkout and can extend the checkout if required. 

The latest release also includes enhancements to the Secret Server interface, logging, and reporting to increase usability and accessibility through improved keyboard navigation and screen reader hints.

Organisations can try the latest version of Secret Server for free here.

Follow us and Comment on Twitter @TheEE_io

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close